[ANNOUNCEMENT] Updated: {gnutls/libgnutls28/gnutls-devel/gnutls-doc/gnutls-guile}-3.1.4-1: Library implementing TLS 1.0 and SSL 3.0 protocols

Dr. Volker Zell dr.volker.zell@oracle.com
Sun Nov 18 17:32:00 GMT 2012


Hi

New versions of 'gnutls/libgnutls28/gnutls-devel/gnutls-doc/gnutls-guile' have been uploaded to a server near you.

 o Update to latest upstream version
 o Build for cygwin 1.7.17 with gcc-4.5.3
 o Uses new libtasn1_6


gnutls NEWS:
===============

* Version 3.1.4 (released 2012-11-10)

** libgnutls: gnutls_certificate_verify_peers2() will set flags depending on
the available revocation data validity.

** libgnutls: Added gnutls_certificate_verification_status_print(),
a function to print the verification status code in human readable text.

** libgnutls: Added priority string %VERIFY_DISABLE_CRL_CHECKS.

** libgnutls: Simplified certificate verification by adding
gnutls_certificate_verify_peers3().

** libgnutls: Added support for extension to establish keys for SRTP.
Contributed by Martin Storsjo.

** libgnutls: The X.509 verification functions check the key
usage bits and pathlen constraints and on failure output
GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE.

** libgnutls: gnutls_x509_crl_verify() includes the time checks.

** libgnutls: Added verification flag GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN
and made GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN the default.

** libgnutls: Always tolerate key usage violation errors from the side
of the peer, but also notify via an audit message.

** gnutls-cli: Added --local-dns option.

** danetool: Corrected bug that prevented loading PEM files.

** danetool: Added --check option to allow querying and verifying
a site's DANE data.

** libgnutls-dane: Added pkg-config file for the library.

** API and ABI modifications:
gnutls_session_get_id2: Added
gnutls_sign_is_secure: Added
gnutls_certificate_verify_peers3: Added
gnutls_ocsp_status_request_is_checked: Added
gnutls_certificate_verification_status_print: Added
gnutls_srtp_set_profile: Added
gnutls_srtp_set_profile_direct: Added
gnutls_srtp_get_selected_profile: Added
gnutls_srtp_get_profile_name: Added
gnutls_srtp_get_profile_id: Added
gnutls_srtp_get_keys: Added
gnutls_srtp_get_mki: Added
gnutls_srtp_set_mki: Added
gnutls_srtp_profile_t: Added
dane_cert_type_name: Added
dane_match_type_name: Added
dane_cert_usage_name: Added
dane_verification_status_print: Added
GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED: Added
GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE: Added
GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE: Added
GNUTLS_CERT_UNEXPECTED_OWNER: Added
GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN: Added


CYGWIN-ANNOUNCE UNSUBSCRIBE INFO
================================


If you want to unsubscribe from the cygwin-announce mailing list, please
use the automated form at:


http://cygwin.com/lists.html#subscribe-unsubscribe

If this does not work, then look at the "List-Unsubscribe: " tag in the
email header of this message.  Send email to the address specified
there.  It will be in the format:


cygwin-announce-unsubscribe-you=yourdomain.com@cygwin.com

If you need more information on unsubscribing, start reading here:

http://sourceware.org/lists.html#unsubscribe-simple

Please read *all* of the information on unsubscribing that is available
starting at this URL.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple



More information about the Cygwin mailing list